CERTFR-2018-AVI-060
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer une exécution de code et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1-LTSS |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-15649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
},
{
"name": "CVE-2017-16939",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16939"
},
{
"name": "CVE-2017-17712",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17712"
},
{
"name": "CVE-2017-15868",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15868"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180346-1 du 1 f\u00e9vrier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180346-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180347-1 du 1 f\u00e9vrier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180347-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180340-1 du 1 f\u00e9vrier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180340-1/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180345-1 du1 f\u00e9vrier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180345-1/"
}
],
"reference": "CERTFR-2018-AVI-060",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-01-29T00:00:00.000000"
},
{
"description": "Ajout des bulletins de s\u00e9curit\u00e9 SUSE du 29 d\u00e9cembre",
"revision_date": "2018-01-30T00:00:00.000000"
},
{
"description": "Ajout des bulletins de s\u00e9curit\u00e9 SUSE du 30 d\u00e9cembre",
"revision_date": "2018-01-31T00:00:00.000000"
},
{
"description": "Ajout de bulletins",
"revision_date": "2018-02-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180252-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180252-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180273-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180273-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180276-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180276-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180242-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180242-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180239-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180239-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180278-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180278-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180268-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180268-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180275-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180275-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180296-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180296-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180238-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180238-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180253-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180253-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180243-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180243-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180340-1 du 01 f\u00e9vrier 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180269-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180269-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180245-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180245-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180277-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180277-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180347-1 du 01 f\u00e9vrier 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180301-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180301-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180270-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180270-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180297-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180297-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180250-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180250-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180240-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180240-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180272-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180272-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180267-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180267-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180251-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180251-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180346-1 du 01 f\u00e9vrier 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180241-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180241-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180294-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180294-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180244-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180244-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180237-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180237-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180265-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180265-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180274-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180274-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180271-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180271-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180282-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180282-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180281-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180281-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180298-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180298-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180345-1 du 01 f\u00e9vrier 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180233-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180233-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180266-1 du 29 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180266-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180249-1 du 26 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180249-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20180280-1 du 30 janvier 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180280-1/"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…